SecureCube.com

26Aug/110

Apache LDAP Authentication

Quick Setup of using LDAP for authentication in Apache with .htaccess

1. Enable ldap module
a2enmod authnz_ldap

2. Enable .htaccess files to be read

vi /etc/apache2/sites-enabled/000-default

Set AllowOverride from 'none' to 'All' for your web directory.

3. Create a .htaccess file within the directory your trying to set passwords on and enter the following into the file.

AuthType Basic
AuthBasicProvider ldap
AuthName "My LDAP Auth"

AuthLDAPURL "ldap://<serverIP>/o=<root>?cn"
Require ldap-group cn=<group_name>, o=<root>

Following is a real world example with secondary LDAP server:

AuthType Basic
AuthBasicProvider ldap
AuthName "My LDAP Auth"

AuthLDAPURL "ldap://192.168.1.10 192.168.1.11/ou=People, o=Facility?cn"
Require ldap-group cn=Administrators, ou=People, o=Facility

That's it. Documentation can be found on the Apache site.